When an external security product processes a RACROUTE REQUEST=VERIFY request, SAF expects the product to build data area ACEE, which is mapped by macro IHAACEE. For token processing, SAF uses field ACEETOKP to reference the token. Token processing is not required, but to be fully compatible with MVS™, the security product should fill in field ACEETOKP with the address of the token.
SAF does not reference any other areas that are chained off the ACEE; therefore, the security product need not fill in the addresses of any other data areas in the ACEE.